Zoom will owe you $15 after lawsuit for lying about encryption
Last year, Zoom was hit by a class-action lawsuit for lying about offering complete end-to-end encryption for Zoom calls. Ever since at least 2016, the conference platform has been promising users that their online communications are protected by 256-bit end-to-end encryption which ensures maximal privacy and security from cyberattacks.
However, the only instance in which users did enjoy this promised privacy feature was if they were conducting a meeting through the paid Zoom Room connector platform, which allows them to host the meeting on their own servers rather than Zoom's own internationally based servers. Not only has Zoom not been encrypting the data, but it has also been illegally selling it to Facebook and Google without users' consent.
Zoom has further been lying about encrypting recorded meetings before saving them in the cloud, a claim that was discovered in the lawsuit to be misleading. "Instead," an FTC report says, "some recordings allegedly were stored unencrypted for up to 60 days on Zoom's servers before being transferred to its secure cloud storage."
Zoom could soon owe you $15 or $25
Last Saturday saw some forward movement in the court case, when Zoom filed a proposal for a settlement in which it will pay out $85 million to all affected users throughout the United States. This would give Zoom users either $15 or $25 of compensation each, as also reported by Ars Technica, which has been following the case from its beginning in 2020.
A screenshot from the settlement proposal
Any and all Americans who have used Zoom since the beginning will receive the $15 compensation, while those who used any of the paid Zoom account versions will receive either a 15% refund or $25—whichever ends up being greater. Because the lawsuit took place in the United States, though, only US citizens will receive compensation.
The rest of the world may equally have had their data compromised and illegally sold to third parties, but unless another class-action lawsuit is picked up in the EU or elsewhere, things remain as they are.
The proposed settlement includes security fixes, future honesty
Along with the offered compensation, Zoom promises to "improve meeting security, bolster privacy disclosures, and safeguard consumer data." This includes taking care of past security vulnerabilities which were allowing "Zoombombings" to happen occasionally, when a conference call would get penetrated and disrupted by internet trolls who had illegally gained access to the meeting.
If the settlement is accepted and approved by the court, this would put an end to the lengthy court proceedings, and hopefully spell the beginning of better transparency and improved security from the conference platform, which much of the world has grown accustomed to using ever since the pandemic confined us to working and studying from our homes for a long time.
Zoom has been so successful—largely due to the pandemic—that only from Q1 (February-April) of this year, it reported a revenue of 956.2 million. The net income of that was $227.5 million, so the $85 million will definitely sting a little, hopefully just enough to avoid further such blunders from the company.
The court hearing for the plaintiffs to either motion for approval or rejection of the proposal is already set in about two months' time, on October 21.